From owner-freebsd-questions@FreeBSD.ORG Tue Mar 29 04:26:09 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1E9EB16A4CE for ; Tue, 29 Mar 2005 04:26:09 +0000 (GMT) Received: from ns1.tiadon.com (SMTP.tiadon.com [69.27.132.161]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8C19443D39 for ; Tue, 29 Mar 2005 04:26:08 +0000 (GMT) (envelope-from kdk@daleco.biz) Received: from [69.27.131.0] ([69.27.131.0]) by ns1.tiadon.com with Microsoft SMTPSVC(6.0.3790.211); Mon, 28 Mar 2005 22:23:02 -0600 Message-ID: <4248D8DD.6000507@daleco.biz> Date: Mon, 28 Mar 2005 22:26:05 -0600 From: Kevin Kinsey User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.3) Gecko/20041210 X-Accept-Language: en-us, en MIME-Version: 1.0 To: John Public References: <20050328214946.5092.qmail@web50110.mail.yahoo.com> In-Reply-To: <20050328214946.5092.qmail@web50110.mail.yahoo.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-OriginalArrivalTime: 29 Mar 2005 04:23:02.0588 (UTC) FILETIME=[FF3A8FC0:01C53416] cc: Jeff Wirth cc: freebsd-questions@freebsd.org Subject: Re: su command problem X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Mar 2005 04:26:09 -0000 John Public wrote: >I'm apologize for being unclear. Let me try again. I >have not modified the mysql-server.sh script in any >way. The 'su -m mysql -c date' line is merely an >example of what I used to see if 'su' is having a >problem. All that line does is run the 'date' command >as the mysql user. I used this for testing between >the 5.3 system and the 5.2.1 system to see if there >was a difference. > >Indeed there was a difference. On the 5.2.1 system >the command ran 'date' w/o any problem and then >returned control to the root shell, but on the 5.3 >system, it su'ed me to the mysql account, but did not >execute the 'date' command and stayed w/ the mysql >account. > >This is how I have come to the conclusion that it has >something to do w/ the su command or security relating >to it, rather than the scripts which are used to run >mysql or nagios. I guess I'm trying to determine if >this is a bug in the 'su' command or if there is a >security setting somewhere in 5.3 which changes the >behavior of 'su'. > >Thanks again for your attention. >John > > So, we need to check on a few things between the two systems; I'd start with the contents of /etc/passwd, which should be the same on both machines. FWIW, I can't reproduce the "problem" on 5.3 nor 4.11, as long as I'm running as root or using sudo. Running without privileges gives a "Password" prompt, as expected.... Kevin Kinsey